04 November, 2015

NSA-linked firm pays $1 million bounty to i0S9 hackers

A group of
hackers has won a $1-million bounty offered by a company affiliated
with NSA for remotely hacking the latest iPhone operating system.

The prize
was offered by the French cybersecurity firm Zerodium as part of a
challenge set to demonstrate the possibility of remotely jailbreaking
devices running iOS 9.1.

The hack
makes it easier for intelligence agencies such as the NSA and the CIA
to spy on targets using devices with the new iOS. The few latest
versions of the operating system had been reported not to be
accessible remotely by any unauthorized third party.

When the
bounty was announced back in September, a former NSA employee told
online tech magazine Motherboard that the offered amount was
significantly lower than the possible price tag “if you sell it to
the right people.”

Companies
such as Zerodium are known to offer higher rewards than standard tech
companies for exposing security bugs. When independent entities
expose the vulnerabilities, the bug-broker firms only announce the
general information about the bug and sell the particular data and
details to certain customers such as government intelligence
agencies.

According to
the company’s director, Chaouki Bekrar, tests are still being run
to make sure the exploit chain “fully meets the bounty rules.” He
noted that Apple will probably patch the vulnerabilities in “a few
weeks to a few months.”